eWEEK and Other Sites Hit By Malware Through Ads

Users of eWEEK and several other web sites belonging to Ziff Davis Enterprise on Tuesday were hit by a malicious Acrobat PDF file served through advertisements on the site. The attacks were shut down shortly after being identified.

Users of eWEEK and several other web sites belonging to Ziff Davis Enterprise on Tuesday were hit by a malicious Acrobat PDF file served through advertisements on the site. The attacks were shut down shortly after being identified.

Ziff Davis Enterprise is the publisher of eWEEK and a number of other enterprise-focused publications. I should add that I also write for them. I am a former Technical Director at the Labs at both PCMag and eWEEK.

[Ziff Davis Media and Ziff Davis Enterprise used to be part of the same Ziff Davis Publishing company, but they have been separate companies for some time now. And to clarify, or perhaps confuse you further, ZDNet, which also used to be part of the Ziff Davis family, is owned by CNet which is owned by CBS. Clear as mud, right?]

So yes, even if big-time publishers keep their own sites clean, it's possible that users can be compromised through compromises of 3rd-party content, basically ads, on the site. What can you do to protect yourself? All the usual stuff you should do to protect yourself on the web: Keep your browser, operating system, and applications up to date and run updated anti-malware software. Users of current versions of Acrobat and Acrobat Reader were not vulnerable to this attack. A few anti-virus programs detected the malicious PDF as an attack; 6 out of 36 programs on VirusTotal, including Symantec, detected it.

Larry Seltzer has been writing software for and English about computers ever sincemuch to his own amazementhe graduated from the University of Pennsylvania in 1983.
He was one of the authors of NPL and NPL-R, fourth-generation languages for microcomputers by the now-defunct DeskTop Software Corporation. (Larry is sad to find absolutely no hits on any of these +products on Google.) His work at Desktop Software included programming the UCSD p-System, a virtual machine-based operating system with portable binaries that pre-dated Java by more than 10 years.
For...
More »